1) One-Key Cryptography

In "One-Key Encryption" or "Conventional Encryption", the sender and the
recipient share the same key as their common secret, as displayed in
figure 2 below.

Figure 2 (source: www.PGPi.com): Conventional
Encryption Scheme. The same key is used to encode and decode.

At some earlier point in time the two correspondents, the sender and the
recipient, must have agreed on that key. If they are in different
locations, they must trust a courier or a phone system to transmit the
secret key in a secure manner. Surely, this is not very practical,
particularly when many (new) parties are involved.

However, the major problem is the total number of keys involved. 2
correspondents use 1 key, 3 use 3 keys, 4 use 6 keys, 5 use 10 keys, 100
use 4950 keys, 1000 use 499500 keys, etc. And each key must be stored in a
secure manner. And what if a key was accidentally revealed to a third
party? Key management is a difficult enough task that a name was invented
for it: The Key Distribution Problem. It is the reason why One-Key
Cryptography is not appropriate for today's secure electronic data
transfers between many parties. Another way of encrypting data was needed:
Two-Key Cryptography solves the key distribution problem.

Caesar's way of dealing with many different recipients was to simply use
the same key for everybody. This allowed any of his recipients to decrypt
any Caesar-encoded message. Let's assume that he hand-delivered his
letters to Cleopatra...

The Importance of Keys

Every Cipher is made up of two ingredients:
an encryption method (the "algorithm") and the set of all possible
keys (the "key space"). The sender may now choose from the number
of possible keys to encode his secret message. What
is the security of the encoded message based on? Is it the algorithm or the
variety of keys? The Dutch Cryptographer Auguste Kerckhoff von Nieuwenhof
answered this in 1883:

Kerckhoff's Principle:

"The security of a cryptosystem shall not be based on keeping the
algorithm secret but solely on keeping the key secret."

Kerckhoff formulated what every sender
should have in mind when encoding a message: he shall not be naive and hope
that his way of encrypting (his algorithm) has not been invented yet. How
would he know? Nobody knows today how much cryptographic knowledge the
NSA possesses. The National Security Agency employs more Mathematicians and
other knowledgeable people than any other organization in the world. NSA is
jokingly abbreviated as No Such Agency since nobody knows their advances and
current knowledge on cryptography. The history of cryptography is filled
with examples where the senders based their confidence fully on the
assumption that their way of encoding was not known. A faux pas.

If the algorithm cannot guarantee any security, then it must be the keys.
(Recall that Special Agent 007 - James Bond - carries a secret key in his
well-protected suitcase and not an algorithm. And the submarine officers in
"Crimson Tide" require the secret key to launch the nuclear weapons.) How
do keys ensure the security of a cipher? The answer is simple: It is the
huge number of possible keys to choose from. Correct, not big but huge. Why
that? Well, if a cipher consists of only 25 keys - as for the Caesar
Cipher - an eavesdropper simply has to test those keys and the cipher is
cracked. However, if the number of keys is
26! = 403291461126605635584000000 - as it is for the Monoalphabetic
Cipher - the eavesdropper's job is much more difficult. Testing each
possible key would take too long. For example, if he tests one key per
second, it would take him about a billion times the age of our universe to
crack a Monoalphabetic Cipher. No eavesdropper would take that route.
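The key-space argument above, as an added example that is not part of the original tutorial: it tests all 25 Caesar keys against a constructed sample message, picks the candidate closest to English letter frequencies, and computes how long the same exhaustive search would take for 25 keys and for 26! keys at one key per second. The function names, the frequency table and the sample message are assumptions made for this illustration.

```python
import math
import string

# Approximate letter frequencies of English text, in percent (a..z).
ENGLISH_FREQ = dict(zip(string.ascii_lowercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

def caesar_shift(text, key):
    """Shift each ASCII letter by `key` positions; keep everything else."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            ch = chr((ord(ch) - base + key) % 26 + base)
        out.append(ch)
    return "".join(out)

def english_score(text):
    """Chi-squared distance to English letter frequencies (lower is better)."""
    letters = [c for c in text.lower() if c in ENGLISH_FREQ]
    if not letters:
        return math.inf
    total = len(letters)
    return sum((letters.count(c) - total * f / 100) ** 2 / (total * f / 100)
               for c, f in ENGLISH_FREQ.items())

def brute_force_caesar(ciphertext):
    """Test all 25 keys and return (key, plaintext) of the best candidate."""
    scored = [(english_score(caesar_shift(ciphertext, -k)), k)
              for k in range(1, 26)]
    key = min(scored)[1]
    return key, caesar_shift(ciphertext, -key)

def exhaustive_search_years(keyspace, keys_per_second=1):
    """Years needed to test every key at the given rate."""
    return keyspace / keys_per_second / (365.25 * 24 * 3600)

# Constructed sample message, encoded with key 3.
PLAINTEXT = "Meet me at the harbour after sunset and bring the letters"
CIPHERTEXT = caesar_shift(PLAINTEXT, 3)

if __name__ == "__main__":
    print(brute_force_caesar(CIPHERTEXT))
    print(f"Caesar: {exhaustive_search_years(25):.1e} years")
    print(f"Monoalphabetic: {exhaustive_search_years(math.factorial(26)):.1e} years")
```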

6 Key - Facts:

1) One-Key Cryptography means that the knowledge of the encoding key
yields the decoding key. (We will learn below that this implication is not
true for Two-Key Cryptography.)

2) Such Ciphers are therefore also called "Symmetric
Ciphers". (Correspondingly, the Two-Key Cryptography Ciphers are
also called "Asymmetric Ciphers".)

3) If a Cipher only offers a small number of keys (e.g. the
Caesar Cipher) it can be broken by simply testing the possible keys.

4) A huge number of keys assures the security of a cipher (e.g.
the One Time Pad).

5) One-Key Cryptography provides "high-security" ciphers; however, their
usage is not practical because of the key distribution problem. This
problem describes the difficulty of exchanging and handling a large number
of keys. For example, 1000 correspondents have to handle a total of 499500
keys. The number of keys increases with the square of the number of
correspondents.

6) With the increased need for secure electronic communication
in the 1970s, more practical encryption methods were needed. Below, I
will explain how "Two-Key Cryptography" fulfilled this need.

2) Two-Key Cryptography

The "Two-Key Cryptography" or "Public-Key Cryptography" was a major
breakthrough in 1976. It makes the inconceivable a reality: A Public Key
is used to encode the plain text, its corresponding Private Key is used to
decode the cipher text. The trick: Although the encoding key is available
to the whole world, nobody is capable of figuring out the decoding key.
The figure below shows how "Two-Key Cryptography" is performed.

Figure 3 (source: www.PGPi.com): Public-Key
Encryption Scheme. The encoding key is used to encode the plaintext,
the decoding key is used to decode the ciphertext.

The primary benefit of public key cryptography is that it allows
people who have no preexisting security arrangement to exchange
messages securely. The need for sender and receiver to share secret
keys via some secure channel is eliminated; all communications
involve only public keys, and no private key is ever transmitted or
shared.

Because conventional cryptography was once the only available
means for relaying secret information, the expense of secure
channels and key distribution relegated its use only to those who
could afford it, such as governments and large banks (or small
children with secret decoder rings). Public Key encryption is the
technological revolution that provides strong cryptography to the
adult masses. However, it is not meant to replace secret key
encryption, but rather to supplement it. Many encryption systems
combine both as follows: The actual encryption is performed with a fast and
secure secret key method, and the secret key that was used is encrypted
with a public key method and transmitted to the recipient together with the
encrypted message.
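The combined scheme described above, as an added example that is not part of the original tutorial: a fresh secret key encrypts the message, and only that key is encrypted with the recipient's public key. Everything here is an assumption made for illustration: the RSA key is built from two publicly known Mersenne primes and used without padding, and a SHA-256 keystream stands in for a real secret key cipher, so the code shows the message flow only and offers no security.

```python
import hashlib
import secrets

# Toy RSA key pair, constructed for this example. Both primes are publicly
# known Mersenne primes, so this key protects nothing.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)

def keystream_xor(key, data):
    """Stand-in secret key cipher: XOR data with a SHA-256 counter keystream.
    Applying it twice with the same key restores the input."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def hybrid_encrypt(plaintext, public_key):
    """Sender: needs only the recipient's public key (n, e)."""
    n, e = public_key
    session_key = secrets.token_bytes(16)               # fresh key per message
    ciphertext = keystream_xor(session_key, plaintext)  # fast secret key step
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)  # public key step
    return wrapped_key, ciphertext

def hybrid_decrypt(wrapped_key, ciphertext, private_exponent, n):
    """Recipient: recovers the session key with the private key, then decodes."""
    session_key = pow(wrapped_key, private_exponent, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)

if __name__ == "__main__":
    message = b"Constructed sample message for the recipient."
    wrapped, encrypted = hybrid_encrypt(message, (N, E))
    print(hex(wrapped))
    print(encrypted.hex())
    print(hybrid_decrypt(wrapped, encrypted, D, N))
```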

In this tutorial you will study the RSA-Cipher as the most
popular example of such public-key encryption systems. The other
ciphers in this tutorial are secret key encryption systems.